Who's the data controller?

Which information do we collect, why do we collect it, and how do we collect it?

We collect the following information when you place an order, to be able to fulfill it

Name

E-mail address

Address

Phone number

Social security number and payment information that you might put into the checkout box is processed by Klarna and is not something that we process or store on our servers, nor do we have access to it.

Klarna's privacy policy can be found here:
https://cdn.klarna.com/1.0/shared/content/legal/terms/41919/en/privacy

If you choose to create an account we collect the following information

Name

E-mail address

Country

Password - The password is stored securely on our server with so called hashing and salting, which ensures that no one will be able to read it

When contacting us

If you contact our customer service through e-mail or through the web chat the conversation history is archived so that we can help you more efficiently next time you ask us something.

Order history

When you place an order a customer card and a sales order is created in our ERP system. An invoice is created once the order has been fulfilled.

Newsletters

If you follow the link from our website to subscribe to our newsletter you land at Mailchimp's website where you must fill out your e-mail to complete the form. We use their service to conveniently and securely communicate with our customers.

Cookies

General

Cookies are small text files that are stored in your web browser when you visit our website and are used to simplify and enhance your experience. Some are required for the functionality while other optimize the user's experience. The stored information is anonymous. Some cookies are required for your cart and checkout state to be restored on subsequent visits. Function cookies are used to remember your login details and to ensure your security when you're signed in.

If you don't allow cookies to be stored in your browsers some functions on the website might not work as expected. You can easily delete cookies from your computer's or smartphone's web browser. Instructions on how to do this is usually found in the Help section of your browser.

Like most other websites we use cookies to ensure that our website will work correctly, for example when you make a purchase.

Currently the website may store the following cookies when you visit our website:

Hestra's own cookies

We store two cookies to make the basic functionality of the website work:

hestragloves-com-session stores which items are in your cart, and ensures that you will remain logged in after closing the browser. The actual information is encrypted and stored on our servers. Lifespan: 1 year

user-accepts-cookies is stored to not bug you with more reminders after you've clicked OK in our cookies notification. Lifespan: 1 year

Google Analytics

These cookies are stored so that we are able to analyze our pages visitor frequency.
More info: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Klarna

Klarna's cookies are used to make sure that purchases can be made on the checkout page. Please note that these cookies are stored on Klarna's own domains and that our web server is not able to access them.
More info: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/xxxx/cookieoverview

Userlike

These cookies are stored so that the web chat functionality can work properly.
More info: https://www.userlike.com/en/terms

Browser-Update.org

This service is used to notify users if they are using an old web browser which might not be compatible with our web site, and that they should upgrade. The cookie is stored for the service to know if the customer should be reminded again or not.
More info: https://browser-update.org/contact.html

How long is the information stored?

User account

Your user account is stored until you ask us to remove it. If you want us to do so, please contact us at: privacy@hestragloves.com

Order & customer information

The contact and address information that you provide when you place an order is stored by us for 7 years. We have the ability to remove the customer card and order history earlier than that if requested, but unfortunately not for invoices (which basically store the same information), because the Swedish Bookkeeping Act requires us to store the information for at least that long.

Customer service

If you e-mail our customer service the conversation is saved for 3 years after it's been received. Our web chat unfortunately doesn't support automatic removal of conversation history currently, and you must therefore contact us at privacy@hestragloves.com if you want us to do so manually.

Newsletter

Your contact information for newsletters are stored until you explicitly tell us to remove you from the list. In all of our newsletters there's a link to say no to future e-mails.

Where do we process the information?

Your information will primarily be stored with the EU, but because of how some of our third party services (sub-processors) use geographical redundancy for the data, your information may be stored outside of the EU as well (in a "third country"). No matter where the data is stored, we only share the information with sub-processors that we've established a Data Processing Agreement with, that limits the extent of how the company may process the information. This agreement also ensures that the sub-processor complies with the GDPR. All of our sub-processors that apply third country processing follow the EU standard model clauses, which enforces limitations on how the company can transfer information out of the EU.

How do we protect your personal information?

We take active security measures and make use of automated penetration tests to verify that all software on our servers don't contain any known vulnerabilities. We ensure that backups work through recovery tests; routinely ensure that our data processors follow GDPR and identify risks and how they can be prevented. Access to our systems are restricted per group/person depending on what they need to do in their work tasks. Permission levels are carefully controlled and always apply the principle of least privilege. If you want to know more about how we work with security, please contact: privacy@hestragloves.com

Your rights

As a result of GDPR having been activated on May 25th, 2018, European Union citizens have received new rights regarding their personal information. We try to follow these rights for non-EU customers as well.

Right of access to personal data

If you want further insight into the processing we do, you have the right to make a request for where we store data about you and what type etc. If explicitly requested, you can receive a copy of the actual data as well.

After repeated requests we have the right to charge an administrative fee.

Right to rectification of personal data

You have the right to have your erroneous personal data corrected, or to submit complementary information if something has been left out.

Right to erasure of personal data

Under some circumstances you have the right to have your personal information removed. But there can't be any legal obligation preventing us from doing so, i.e. we can't delete invoices with your personal information until 7 years after purchase.

Right to restriction of data processing

You have the right to restrict our processing of your personal information under some circumstances, for example while we rectify some personal data on you, or we're processing a request of erasure.

Right to data portability

You have the right to receive a copy of your personal data in a machine processable format.